What is claimed is: 
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1 1. A- method for initializing a series of electronic 

2 transactions, comprising the steps of: 

3 a. \ receiving an initialization request message that 

4 \atomically binds 

5 ^ authorization data, and 

6 ii\ a blinded unvalidated certificate to be 

7 \ validated; 

8 b. determining if the authorization data is valid; 

9 c. if th\ authorization data is valid, then 

10 validating the blinded unvalidated certificate 

11 to obtainXa blinded validated certificate; and 

12 d. sending an ^initialization response message to a 

13 registrant that includes the blinded validated 

14 certificate \ atomically bound to the 

15 initialization irequest message received in step 

16 a. \ 

1 2. The method of claim 1, further comprising the step of 

2 receiving a registration acknowledgment message from a 

3 registrant acknowledging that ttte registrant has received 

4 the initialization response message . 

1 3. The method of claim 1, whereYn the initialization 

2 request message includes a nonce, a session key and a 

3 blinding factor applied to the rfbnce, and further 

4 comprising the step of storing the initialization request 

5 message and the initialization response message in a 

6 recovery database . \ 
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4. \a method for recovering from an interruption in 

2 initializing an electronic transaction, comprising the 

3 steps ofV: 

4 a. Veceiving a first initialization request message 

5 from a registrant that includes a nonce, a session key, 

6 and a blinding factor applied to the nonce, and that 

7 atomically bincxs 

8 i. authorization data, and 

9 ii. a tfiinded unvalidated certificate to. be 

10 validated; 

11 b. storing the \nitializat ion request message in a 
12- recovery database,* 

13 c. determining if Xhe authorization data is valid; 

14 d. if the authorisation data is valid, then 

15 validating the blinded unvalidated certificate 

16 to obtain a blinded\validated certificate; 

17 e. sending a first initialization response message 

18 to a registrant thaV includes the blinded 

19 validated certificate atomically bound to the 

20 initialization request message received in step 

21 a; \ 

22 f . storing the first initialization response 

23 message in a recovery database; 

24 g. receiving a second initialization request 

25 message; \ 

26 h. determining if the second initialization request 

27 message has the same nonce, session key, and 

28 blinding factor applied to the nonce as the 
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irst initialization request message stored in 

30 the recovery database; and 

31 i. if Vhe second initialization request message 

32 has Vhe same nonce, session key, and blinding 

33 factoit applied to the nonce as the first 

34 init iarization request message, then 

35 1. retrieving the first initialization 

36 response message from the recovery 

37 database; and 

38 2. sending\the first initialization response 

39 message no the registrant. 

15. A method for performing an electronic transaction, 

2 comprising the steps of : \ 

3 a. receiving a transaction request message that 

4 atomically binds \ 

5 i. an unblinded certificate, and 

6 ii. a blinded unvalidVted certificate to be 

7 validated; \ 

8 b. determining if the unbliiaded certificate is 

9 valid; and \ 

10 c. if the unblinded certificate^ is valid, then 

11 performing a transaction response that includes: 

12 i. validating the blinded unvalidated 

13 certificate to. obtainX a validated 

14 blinded certificate, and\ 

15 ii. sending the validated blinded 

16 certificate atomically bouhd to the 

17 transaction request message to a 
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r\ transaction response recipient in a 
19 \ transaction response message. 

1 6. The method of\ claim 5, wherein the transaction 

2 response further includes making available a product to a 

3 party. \ 

1 7. The method of claim 5, wherein the transaction 

2 response further includes\pbtaining payment for a product. 

1 8. The method of claim 5,\f urther comprising the step of 

2 receiving a transaction acknowledgment message from a 

3 registrant acknowledging thaV the transaction response 

4 recipient has received the transaction response message. 

1 9. The method of claim 5, further comprising the step of 

2 storing the transaction request message and the 

3 transaction response message in a recovery database. 

1 10. A method for recovering from an^ interruption in an 

2 electronic transaction, comprising the steps of: 

3 a. receiving a first transaction request message 

4 that includes a session key\ a nonce and a 

5 blinding factor applied to the\nonce, and that 

6 atomically binds \ 

7 i . an unblinded certificate, and 

8 ii. a blinded unvalidated certificate to be 

9 validated; \ 

10 b. storing the first transaction requestVnessage in 

11 a recovery database; \ 
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ietermining if the unblinded certificate is 
valid; and 

if \ the unblinded certificate is valid, then 
performing a transaction response that includes 
validating the blinded unvalidated 
certificate to obtain a validated 
blinded certificate , 
xi. \ sending the validated blinded 
certificate atomically bound to the 
transaction request message to a 
transaction response recipient in a 
f irs\ transaction response message , 
and 

iii. storing the first transaction response 
message \in a recovery database; 
receiving a second\transact ion request message 
that includes a session key, a nonce and a 
blinding factor applied to the nonce , and that 
atomically binds 

i. an unblinded certificate, and 

ii. a blinded unvalidated certificate to be 
validated; 

determining if the second Ntransaction request 
message has the same nonce A session key, and 
blinding factor applied to khe nonce as the 
first transaction request message stored in the 
recovery database; and 

if the second transaction request message has 
the same nonce, session key, and blYnding factor 
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Applied to the nonce as the first transaction 
request message, then- 

i. \ retrieving the first transaction response 
Vmessage from the recovery database, and 

ii. lending the first transaction response 
message to the transaction response 
recipient . 



1 11. A method for auditing an electronic transaction, 

2 comprising the steps of\ 

3 a. receiving a transaction request message that 

4 atomically binds 

5 i . an unblinded\ cert if icate , 

6 ii. a blinded un\alidated certificate to be 

7 validated, and 

8 iii. blinded audit daVa; 

9 b. sending an audit request message atomically 

10 bound to the transaction 

11 audit recipient; 

12 c. receiving an audit respons^e message atomically 

13 bound to the audit transaction message, wherein 

14 the audit response message includes audit 

15 response data; 

16 d. determining if the blinded audit data is valid 

17 using the audit response data. 



request message to an 



1 12. The method of claim 11, wherein the auc^it response 

2 data is determined to be valid if 
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i. t\he audit response data corresponds to. the 
.nded audit data received in the transaction 

request message, and 

ii. the audit response data is legitimate. 



13. An apparatus for initializing a series of electronic 
transactions, comprising: ■ 

a. a processor^ and 

b. a memory that stores instructions adapted to be 
executed by said processor to, 

i. receive an initialization request message 
that atomically binds authorization data 
and a blindeol unvalidated certificate to be 
validated ; 

ii. determine if" 'the authorization data is 
valid; \y 

iii. if the authorization data is valid, then to 
validate the \ blinded unvalidated 
certificate to obtain a blinded validated 
certificate; and 

iv. send an initialization \response message to 
a registrant that includes the blinded 
validated certificate atomnically bound to 
the initialization request\message , 

said memory coupled to said processor. 

1 14. The apparatus of claim 13, further comprising a port 

2 adapted to be coupled to a network, said port >coupled to 

3 said memory and said processor. 
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15V. An apparatus for performing an electronic 

2 transaction, comprising: 

3 ay a processor; and 

4 k-\ a meTTlo: ry that stores instructions adapted to be 

5 \executed by a processor to 

6 i\. receive a transaction request message that 

7 \ atomically binds an unblinded certificate 

8 \and a blinded unvalidated certificate to be 

9 validated; 

\ 

10 ii. determine if the unblinded certificate is 

11 valid; and 

12 iii. if theVunblinded certificate is valid, then 

13 to perform a transaction response that 

14 validates^ the blinded unvalidated 

15 certificate to obtain a validated blinded 

16 certificate ,\ and sends the validated 

17 blinded certificate atomically bound to the 

\ 

18 transaction request message to a 

19 transaction response recipient in a 

20 transaction response message, 

21 said memory coupled to said processor. 

1 16. The apparatus of claim 15, further comprising a port 

2 adapted to be coupled to a network, saSLd port coupled to 

3 said memory and said processor. \ 

1 17. An apparatus for auditing an electroniV transaction, 

2 comprising: \ 

3 a. a processor; and \ 
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memory that stores instructions adapted to be 
ekecuted by said processor to 

i. \ receive a transaction request message that 
atomically binds an unblinded certificate 
\and a blinded unvalidated certificate to be 
validated and blinded audit data; 

ii. send an audit request message atomically 
bound to the transaction request message to 
an audit recipient; 

iii. receiw 



atomically bound to the audit transaction 
message A where the audit response message 
includes audit response data; and 
determine \if the blinded audit data is 
valid using\the audit response data, 
said memory coupled to said\processor . 



an audit response message 



iv 



1 

2 
3 



18. The apparatus of claim ll\ further comprising a port 

letwork, said port coupled to 



adapted to be coupled to a ne 
said processor and said memory 



1 19. An apparatus for recovering from an interruption in 

2 an electronic transaction, comprisi] 

a. a processor; and 

b. a memory that stores instructions adapted to be 
executed by said processor to 

i. receive a first transact ioA request message 
that includes a session key\ a nonce and a 
blinding factor applied to ttoe nonce, and 
that atomically binds a\ unblinded 
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certificate and a blinded unvalidated 
ertificate to be validated; 
n. s^ore the first transaction request message 
in\ a recovery database; 

iii. determine if the unblinded certificate is 
valid; 

iv. . if the unblinded certificate is valid, then 
perfcvrming a transaction response that 
validates the blinded unvalidated 
certificate to obtain a validated blinded 
certificate, sends the validated blinded 
certificate atomically bound to the 
transaction request message to a 
transaction response recipient in a first 
transaction\ response message, and stores 
the first transaction response message in 
a recovery database; 

v. receive a second transaction request 
message that includes a session key, a 
nonce and a blinding factor applied to the 
nonce, and that\ atomically binds an 
unblinded certificate and a blinded 
unvalidated certificate to be validated; 

vi . determine if the secorfd transaction request 
message has the same iaonce , session key, 
and blinding factor applVed to the nonce as 
the first transaction \ request message 
stored in the recovery database; 

vii. if the second transaction Vequest message 
has the same nonce, session key, and 
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^blinding factor applied to the nonce as the 

41 tirst transaction request message, then to 

42 retrieve the first transaction response 

43 massage from the recovery database and send 

44 thA first transaction response message to 

45 the transaction response recipient, 

46 said memory coupled to said processor. 

1 20. The apparatus of ^lairn 19, further comprising a port 

2 adapted to be coupled a network, said port coupled to 

3 said processor and said memory. 

1 21. A medium that stores instructions adapted to be 

2 executed by a processor to {perform the steps of: 

3 a. receiving an init iadizat ion request message that 

4 atomically binds \ 

5 i. authorization data, and 

6 ii. a blinded unvalidated certificate to be 

7 validated; \ 

8 b. determining if the authorization data is valid; 

9 c. if the authorization Sata is valid, then 

10 validating the blinded unvalidated certificate 

11 to obtain a blinded validated certificate; and 

12 d. sending an initialization response message to a 

13 registrant that includes the Mslinded validated 

14 certificate atomically bound to the 

15 initialization request message received in step 

16 a. \ 
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1/22. ^ medium that stores instructions adapted to be 

2 executed by a processor to perform the steps of : 

3 a. \ receiving a transaction request message that 

4 Vtomically binds 

5 i\ an unblinded certificate, and 

6 ii\ a blinded unvalidated certificate to be 

7 \ validated ; 

8 b. determining if the unblinded certificate is 

9 valid A and 

10 c. if the \unblinded certificate is valid, then 

11 performing a transaction response that includes 

12 i. validating the blinded unvalidated 

13 certificate to obtain a validated blinded 

14 certificate, and 

15 ii. sending tne validated blinded certificate 

16 atomically Btound to the transaction request 

17 message to a transaction response recipient 

18 in a transaction response message. 

1 23. A medium that stores instructions adapted to be 

2 executed by a processor to perform the steps of: 

3 ' a. receiving a transaction, request message that 

4 atomically binds \ 

5 i . an unblinded certificate, 

6 ii. a blinded unvalidated\certif icate to be 

7 validated, and \ 

8 iii. blinded audit data; \ 

9 b. sending an audit request mess^qe atomically 

10 bound to the transaction request ns^essage to an 

11 audit recipient; \ 
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rc.V receiving an audit response message atomically 
\ bound to the audit transaction message, wherein 

14 tshe audit response message includes audit 

15 response data; 

16 d. determining if the blinded audit data is valid 

17 using\the audit response data. 

1 24. A system for\ performing an electronic transaction, 

2 comprising: \ 

3 a. means for\ receiving a transaction request 

4 message thatrv atomically binds 

5 i . an unbliiaded certificate, and 

6 ii. a blindeck unvalidated certificate to be 

7 validated; \ 

8 b. means for determining if the unblinded 

9 certificate is valYd; and 

10 c. means for validating the blinded unvalidated 

11 certificate to obt\in a validated blinded 

12 certificate; and \ 

13 d. means for sending \he validated blinded 

14 certificate atomically bound to the transaction 

15 request message to a transaction response 

16 recipient in a transaction Vesponse message. 

1 25. The system of claim 24, further comprising means for 

2 auditing an electronic transaction. \ 

1 26. The system of claim 24, further comprising means for 

2 initializing a series of electronic transactions . 
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